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CLAIMS 

1 . In an intermediate node of a data network that comprises one or more virtual local 
area networks (VLANs), the intermediate node containing a forwarding database com- 
prising one or more forwarding database entries, a method for controlling flooding of 
packets on a VLAN comprising the steps of: 

establishing a limit that indicates a number of forwarding database entries that 
may be associated with the VLAN; 

determining if a number of forwarding database entries associated with the VLAN 
matches the limit established for the VLAN; and 

if so, performing an action for controlling the flooding of packets on the VLAN. 

2. A method as defined in claim 1 wherein the intermediate node contains a media 
access control (MAC) limit database comprising one or more MAC limit database entries 
wherein each entry is associated with a VLAN and contains a MAC limit that indicates a 
number of forwarding database entries associated with the VLAN and a MAC count that 
indicates a number of forwarding database entries associated with the VLAN. 

3. A method as defined in claim 2 comprising the steps of: 

locating a MAC limit database entry associated with the VLAN; and 
comparing the MAC count of the MAC limit database entry with the MAC limit 
of the MAC limit database entry to determine if the number of forwarding database en- 
tries associated with the VLAN matches the limit established for the VLAN. 

4. A method as defined in claim 2 comprising the steps of: 
accessing a forwarding database entry associated with the VLAN; 
locating a MAC limit database entry associated with the VLAN; 

comparing the MAC count of the MAC limit database entry with the MAC limit 
of the MAC limit database entry to determine if the MAC count matches the MAC limit; 
and 

if not, updating the MAC count. 

17 

H:\l 12\025\0531\PROSECUT\0531.doc 1 1/04/03 12:15 PM 



PATENT 
7231/112025-0531 



5. A method as defined in claim 1 wherein the action includes logging a message to 
a log accessible to the intermediate node. 

6. A method as defined in claim 1 wherein the action includes disabling flooding for 
the VLAN. 

7. A method as defined in claim 1 wherein the action includes disabling forwarding 
packets for the VLAN. 

8. A method as defined in claim 1 wherein the action includes disabling learning for 
the VLAN. 

9. A method as defined in claim 1 comprising the steps of: 
acquiring a packet wherein the packet is associated with the VLAN; 
determining if the VLAN is shut down; and 

if so, dropping the packet. 

10. A method as defined in claim 1 comprising the steps of: 
acquiring a packet wherein the packet is associated with the VLAN; 
determining if the forwarding database contains an entry which contains a MAC 

address that matches a source address contained in the packet; 

if not, determining if learning is disabled for the VLAN; and 

if not, generating a forwarding database entry that contains the source address of 

the packet. 

11. A method as described in claim 1 comprising the steps of: 
acquiring a packet wherein the packet is associated with the VLAN; 
determining if the forwarding database contains an entry which contains a MAC 

address that matches a destination address contained in the packet; 
if not, determining if flooding is enabled for the VLAN; and 

18 

H:\l 12\025\0531\PROSECUT\053i.doc 1 1/04/03 12:15 PM 



if so, flooding the packet. 



PATENT 
7231/112025-0531 



12. An intermediate node coupled to a data network containing one or more VLANs, 
the intermediate node comprising: 

a forwarding database containing one or more entries wherein each entry is asso- 
ciated with a node accessible to the intermediate node and wherein each entry is associ- 
ated with a virtual local area network (VLAN); and 

a processor configured to, for each VLAN, (i) establish a limit for the VLAN 
wherein the limit indicates a number of forwarding database entries that may be associ- 
ated with the VLAN, (ii) determine if a number of entries in the forwarding database as- 
sociated with the VLAN matches the limit established for the VLAN, and (iii) if so, per- 
form an action for controlling the flooding of packets on the VLAN. 

13. An intermediate node as defined in claim 12 further comprising: 

a media access control (MAC) limit database having one or more MAC limit da- 
tabase entries wherein each entry is associated with a VLAN and contains a MAC limit 
that indicates a number of forwarding database entries associated with the VLAN and a 
MAC count that indicates a number of entries in the forwarding database associated with 
the VLAN. 

14. An intermediate node as defined in claim 13 wherein the processor is configured 
to, for each entry in the forwarding database, compare the MAC count with the MAC 
limit of the VLAN associated with the forwarding database entry to determine if the 
MAC count matches the MAC limit. 

15. A intermediate node as defined in claim 13 wherein the processor is configured to 
update the MAC count if the MAC count does not match the MAC limit. 

16. An intermediate node as defined in claim 12 wherein the action includes logging a 
message to a log accessible to the intermediate node. 
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17. An intermediate node as defined in claim 12 wherein the action includes disabling 
flooding for the VLAN. 

18. An intermediate node as defined in claim 12 wherein the action includes disabling 
forwarding packets for the VLAN. 

19. An intermediate node as defined in claim 12 wherein the action includes disabling 
learning for the VLAN. 

20. A system comprising: 

a forwarding database comprising one or more forwarding database entries asso- 
ciated with a VLAN; 

means for establishing a limit wherein the limit indicates a number of entries 
contained in the forwarding database associated with the VLAN; 

means for determining if a number of entries in the forwarding database associ- 
ated with the VLAN matches the limit established for the VLAN; and 

means for performing an action for controlling the flooding of packets on the 
VLAN, if the number of entries in the forwarding database associated with the VLAN 
matches the limit established for the VLAN. 

21. A system as defined in claim 20 comprising: 

a media access control (MAC) limit database comprising one or more MAC limit 
database entries wherein each entry is associated with a VLAN and contains a MAC limit 
that indicates a number of forwarding database entries associated with the VLAN and a 
MAC count that indicates a number of entries in the forwarding database associated with 
the VLAN. 

22. A system as defined in claim 20 comprising: 

means for accessing an entry in the forwarding database associated with a VLAN; 
means for comparing a MAC count with a MAC limit associated with the VLAN 
to determine if the MAC count matches the MAC limit; and 
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means for updating the MAC count, if the MAC count does not match the MAC 

limit. 

23. A computer readable medium containing computer executable instructions for 
controlling the flooding of packets on a VLAN, the computer readable medium contain- 
ing computer executable instructions for: 

establishing a limit of a number of forwarding database entries associated with the 

VLAN; 

determining if a number of entries in the forwarding database associated with the 
VLAN matches the limit established for the VLAN; and 

if so, performing an action for controlling the flooding of packets on the VLAN. 
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